[Fuego] [PATCH 1/1] jenkins: upgrade to latest LTS release (2.164.2)
Tim.Bird at sony.com
Tim.Bird at sony.com
Thu May 2 00:05:13 UTC 2019
Applied.
Thanks!
-- Tim
> -----Original Message-----
> From: fuego-bounces at lists.linuxfoundation.org [mailto:fuego-
> bounces at lists.linuxfoundation.org] On Behalf Of Fathi Boudra
> Sent: Friday, April 12, 2019 1:44 AM
> To: fuego at lists.linuxfoundation.org
> Subject: [Fuego] [PATCH 1/1] jenkins: upgrade to latest LTS release (2.164.2)
>
> Fixes security issues:
> * SECURITY-1289 / CVE-2019-1003049
> Jenkins accepted cached legacy CLI authentication
> * SECURITY-1327 / CVE-2019-1003050
> XSS vulnerability in form validation button
>
> Signed-off-by: Fathi Boudra <fathi.boudra at linaro.org>
> ---
> Dockerfile | 4 ++--
> install-debian.sh | 4 ++--
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/Dockerfile b/Dockerfile
> index bdfae55..b942be2 100644
> --- a/Dockerfile
> +++ b/Dockerfile
> @@ -93,8 +93,8 @@ ARG group=jenkins
> ARG uid=1000
> ARG gid=${uid}
> ARG JENKINS_PORT=8090
> -ARG JENKINS_VERSION=2.164.1
> -ARG JENKINS_SHA=969df594d1958800cd7da55e19ca75cf65f7fbf0
> +ARG JENKINS_VERSION=2.164.2
> +ARG JENKINS_SHA=4536f43f61b1fca6c58bd91040fa09304eea96ab
> ARG JENKINS_URL=https://pkg.jenkins.io/debian-
> stable/binary/jenkins_${JENKINS_VERSION}_all.deb
> ARG JENKINS_UC=https://updates.jenkins.io
> ARG REF=/var/lib/jenkins/plugins
> diff --git a/install-debian.sh b/install-debian.sh
> index dddd660..04b649d 100755
> --- a/install-debian.sh
> +++ b/install-debian.sh
> @@ -90,8 +90,8 @@ fi
> #
> ==========================================================
> ====================
>
> if [ $nojenkins -eq 0 ]; then
> - JENKINS_VERSION=2.164.1
> - JENKINS_SHA=969df594d1958800cd7da55e19ca75cf65f7fbf0
> + JENKINS_VERSION=2.164.2
> + JENKINS_SHA=4536f43f61b1fca6c58bd91040fa09304eea96ab
> JENKINS_URL=https://pkg.jenkins.io/debian-
> stable/binary/jenkins_${JENKINS_VERSION}_all.deb
> JENKINS_UC=https://updates.jenkins.io
> REF=/var/lib/jenkins/plugins
> --
> 2.20.1
>
> _______________________________________________
> Fuego mailing list
> Fuego at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/fuego
More information about the Fuego
mailing list